For anyone working in Cybersecurity, it can be hard to convince your board to understand the issues, and to invest money or focus on Cyber Security issues. I have presented Cyber issues to multiple Boards, and here is my advice on how to get Boards to understand Cybersecurity issues –… Continue Reading Cybersecurity for boards – analogy to Health & Safety

Even with the gradual increase in cybersecurity literacy amongst the masses, there are still some myths that people follow religiously, even Cybersecurity professionals. I will set out to bust some of those myths here. Many of the myths have come from companies advertising products as a “silver bullet” solution, some… Continue Reading Cybersecurity Myths – my home network is safe

Even with the gradual increase in cybersecurity literacy amongst the masses, there are still some myths that people follow religiously, even Cybersecurity professionals. I will set out to bust some of those myths here. Many of the myths have come from companies advertising products as a “silver bullet” solution, some… Continue Reading Cybersecurity Myths – my password use does not matter

Even with the gradual increase in cybersecurity literacy amongst the masses, there are still some myths that people follow religiously, even Cybersecurity professionals. I will set out to bust some of those myths here. Many of the myths have come from companies advertising products as a “silver bullet” solution, some… Continue Reading Cybersecurity Myths – phones are safe

Even with the gradual increase in cybersecurity literacy amongst the masses, there are still some myths that people follow religiously, even Cybersecurity professionals. I will set out to bust some of those myths here. Many of the myths have come from companies advertising products as a “silver bullet” solution, some… Continue Reading Cybersecurity Myths – changing passwords

Even with the gradual increase in cybersecurity literacy amongst the masses, there are still some myths that people follow religiously, even Cybersecurity professionals. I will set out to bust some of those myths here. Many of the myths have come from companies advertising products as a “silver bullet” solution, some… Continue Reading Cybersecurity Myths – It’s not my responsibility

Even with the gradual increase in cybersecurity literacy amongst the masses, there are still some myths that people follow religiously, even Cybersecurity professionals. I will set out to bust some of those myths here. Many of the myths have come from companies advertising products as a “silver bullet” solution, some… Continue Reading Cybersecurity Myths – I’ve got a firewall

Even with the gradual increase in cybersecurity literacy amongst the masses, there are still some myths that people follow religiously, even Cybersecurity professionals. I will set out to bust some of those myths here. Many of the myths have come from companies advertising products as a “silver bullet” solution, some… Continue Reading Cybersecurity Myths – I’m not a target

Creation of good policies and procedures is an art that can be helped with some core advice. Policies are the backbone of how a business tells their employees how to act and react, and ensures consistency and productivity. A great company culture, a consistent vision and values, and compliance with… Continue Reading Creating good policies and procedures

Yesterday, there was a world-wide incident that affected computers running CrowdStrike Falcon, where there was a conflict between the vendor’s anti-malware protection and the Windows sensor, resulting in a BSOD and unresponsive computers. This is a major incident that was effectively the effective impact as we were expecting from the… Continue Reading Lessons from the CrowdStrike incident

On International Women’s Day, I am reminded of the need for diversity in the workforce, and want to pose the question of what does diversity mean to you? Diversity is not just the inclusion of other races, genders and backgrounds. More than just a blind quota of non-white, non cisgender,… Continue Reading What does diversity mean to you?

Terminology around privacy and security often will use the term “PII” – to refer to “Personally Identifiable Information”. However, PII in Australia is not a valid term – the definition by the OAIC is “personal information”, and it differs from the US term (from NIST) and the legal obligations around… Continue Reading PII in Australia and personal information

Data Sovereignty with cybersecurity is a hot question that many organisations consider to be one of their early considerations when selecting a service provider for storing their data. The intention is that important data needs to not be held in foreign datacentres, so that foreign governments cannot withhold the data… Continue Reading Cybersecurity and Data Sovereignty

The English journalist Louis Theroux has a reputation for interviewing “difficult” and unusual people and subcultures, and getting a large amount of information and knowledge from people who otherwise do not open up to outsiders. The techniques and patterns that he uses to get people to open up are methods… Continue Reading Get information the Louis Theroux way

Cybersecurity is more than just firewalls and anti-virus, goes further than just zero-trust approaches and cultural changes, and is beyond just policy and compliance. Cybersecurity is not an ‘action’ or a ‘solution’ – it is an ongoing activity that needs constant review and updating. Cybersecurity Planning will vary for each… Continue Reading Cybersecurity planning

What is your strategy for patching and updates? Whilst it might be tempting to just leave your systems on auto-update, the alternative to manually delay updates to always be one behind the latest (also known as an N-1 update strategy), may also be a problem. Updates and patching of software… Continue Reading N-1 update strategy